Information Security Risk Management | The MITRE Corporation

Information Security Risk Management

Showing 10 results for Information Security Risk Management

Technical Paper | April 2018 Analysis of the NIST Mobile Device Security Practice Guide’s Applicability to Australia The Australian Cyber Security Growth Network contracted with MITRE to assess the applicability of the NIST Cybersecurity Practice Guide for Mobile Device Security: Cloud and Hybrid Builds to Australian organizations. This report summarizes our analyses.

Technical Paper | May 2017 Building a National Cyber Information-Sharing Ecosystem The authors discuss ways to build a national unclassified cyber information-sharing ecosystem based on lessons learned from cyber information-sharing in the U.S. and case studies of three regional Information Sharing and Analysis Organizations.

Technical Paper | October 2016 Resiliency Mitigations in Virtualized and Cloud Environments This paper discusses the challenges posed by virtual and cloud environments, and how cyber resiliency techniques can increase mission assurance in environments whose architectures are based on virtual infrastructure and cloud services.

Technical Paper | September 2015 Adversarial Tactics, Techniques and Common Knowledge-ATT&CK™-Presentation This presentation discusses ATT&CK, developed by MITRE to help organizations quickly detect cyber threats, identify, categorize cyber adversary behaviors. This allows for both a tailored response and a recovery plan specific to the breach.

Technical Paper | May 2016 Structured Cyber Resiliency Analysis Methodology The Structured Cyber Resiliency Analysis Methodology (SCRAM) defines processes, supported by such resources as frameworks/models, value scales, and datasets. This paper presents a high-level description of SCRAM and identifies representative resources.

Technical Paper | May 2016 The Risk Management Framework and Cyber Resiliency When advanced cyber threats are considered, cyber resiliency can be seen as essential to achieving the goals of the Risk Management Framework. This paper presents several perspectives and indicates how cyber resiliency fits from each perspective.

Technical Paper | May 2016 Cyber Resiliency Metrics-Key Observations This point paper presents observations about cyber resilience metrics, drawn from experience, workshop sessions, and the literature, which could be helpful to those seeking to define cyber resilience metrics.

Technical Paper | February 2016 Cyber Operations Rapid Assessment (CORA): Examining the State of Cybersecurity Assessment Methodologies and Introducing a New Alternative MITRE has developed the Cyber Operations Rapid Assessment (CORA) methodology to help organizations identify areas in their cybersecurity defensive practices related to threat information that can be improved. The authors discuss the methodology in detail.

Technical Paper | February 2016 Cyber Operations Rapid Assessment (CORA): A Guide to Best Practices for Threat-Informed Cyber Security Operations This paper captures the underlying assumptions of the CORA methodology by describing what a robust, threat-informed cyber security program looks like. The authors identify a selection of key practices in each of five areas.

Project Story | December 2015 A Public-Private Partnership Takes on Real-World Cybersecurity Issues Protecting our nation's critical networks and data is the very definition of a team sport. That's why the government has created a center for collaboration where MITRE, the business community, and academia are tackling shared cyber challenges.

Pages

MITRE is proud to be an equal opportunity employer. MITRE recruits, employs, trains, compensates, and promotes regardless of race, religion, color, national origin, gender, gender expression, sexual identity, disability, age, veteran status, and other protected status.

Copyright © 1997-2018, The MITRE Corporation. All rights reserved. MITRE is a registered trademark of The MITRE Corporation. Material on this site may be copied and distributed with permission only.